CN110476432B - Protection of surveillance media - Google Patents

Publication number: CN110476432B
Authority: CN (China)
Prior art keywords: media, key, encrypted, token, receiving entity
Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN201880023503.7A
Other languages: Chinese (zh)
Other versions: CN110476432A (en)
Inventors: 米歇尔·安格尔, 阿尔夫·勒托罗, 安东尼·切莱蒂
Current Assignee: Nagravision SARL (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Nagravision SA
Application filed by: Nagravision SA
Priority to: CN202210707282.3A (patent CN114944959B)
Publication of CN110476432A
Application granted
Publication of CN110476432B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/107 License processing; Key processing
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068 Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/23 Processing of content or additional data; Elementary server operations; Server middleware
    • H04N21/234 Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs
    • H04N21/2347 Processing of video elementary streams, e.g. splicing of video streams or manipulating encoded video stream scene graphs involving video stream encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/20 Servers specifically adapted for the distribution of content, e.g. VOD servers; Operations thereof
    • H04N21/25 Management operations performed by the server for facilitating the content distribution or administrating data related to end-users or client devices, e.g. end-user or client device authentication, learning user preferences for recommending movies
    • H04N21/266 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel
    • H04N21/26613 Channel or content management, e.g. generation and management of keys and entitlement messages in a conditional access system, merging a VOD unicast channel into a multicast channel for generating or managing keys in general
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4627 Rights management associated to the content
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N7/00 Television systems
    • H04N7/18 Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast
    • H04N7/183 Closed-circuit television [CCTV] systems, i.e. systems in which the video signal is not broadcast for receiving images from a single remote source
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Technology Law (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
  • Storage Device Security (AREA)

Abstract

A media device receives a domain key from a service provider. The media device encrypts media using a media key and encrypts the media key using the domain key to form an encrypted media token, so that the protected media key is encapsulated in the encrypted media token. The service provider may then receive the encrypted media token and one or more receiving entity identifiers associated with a receiving entity, and determine whether the receiving entity has access to the media from the media device. If the receiving entity has access to media from the media device, the service provider decrypts the encrypted media token using the domain key to obtain the media key and provides the media key to the receiving entity. In this way, the authenticated receiving entity can obtain the media key necessary to decrypt the media. Furthermore, no intermediate entity needs similar access, so the encryption provided by the media key stays in place throughout the transmission of the media from the media device to the receiving entity.

Description

Protection of surveillance media

Technical field

The present disclosure relates to the protection of media generated by media devices, such as surveillance devices. Specifically, but not exclusively, the present disclosure relates to ensuring the confidentiality of media generated by surveillance cameras.

Background

Many video surveillance systems protect the generated surveillance media content during transmission between the elements of the system. For example, where a camera generates a media stream for viewing at a remote device, the confidentiality of the media is enforced while the media stream is in transit between elements of the system, such as the camera, the remote device, and any intermediary devices through which the media stream is transmitted.

As a result, outside of the secure communication phases between system elements, there is often no protection enforcement, and the media content is effectively unprotected, vulnerable and can be disclosed. Access control with proper policy management is not always implemented, or is only weakly implemented, on one or more elements of the system. This means that in elements without effective access control or monitoring, unprotected media content can be accessed without authorization, and that when access control or monitoring at any element is hacked or otherwise bypassed, the media content is unprotected and vulnerable.

Description of the drawings

Figure 1 is a schematic diagram of a system for implementing the preferred embodiment;

Figure 2 is the schematic diagram of Figure 1, with additional information indicating the processing steps at each entity;

Figure 3 is a flowchart illustrating the process of the preferred embodiment; and

Figure 4 shows the hardware infrastructure used to implement the preferred embodiment.

Detailed description

In summary, a method according to the present disclosure includes protecting media generated by a media device with a media key, and protecting the media key with a domain key to form an encrypted media token. When a receiving entity wishes to access the media, a trusted service provider can authenticate the receiving entity and decrypt the encrypted media token to obtain the media key, which the receiving entity then uses to decrypt the media. In this way, the media can be protected by the media device that generated it and need not be decrypted again until it reaches an authorized receiving entity. Intermediate entities do not need access to the decrypted media. The present disclosure also provides a computer-readable medium and a system configured to perform the method.

In some aspects of the present disclosure, a method for protecting media content in a network is provided, comprising the following steps. A media device receives a domain key from a service provider. The media device encrypts media with a media key and encrypts the media key with the domain key to form an encrypted media token, so that the protected media key is encapsulated in the encrypted media token. The service provider may then receive the encrypted media token and one or more receiving entity identifiers associated with a receiving entity, and determine whether the receiving entity has access to the media from the media device. If the receiving entity has access to the media from the media device, the service provider decrypts the encrypted media token using the domain key to obtain the media key and provides the media key to the receiving entity. In this way, an authenticated receiving entity can obtain the media key necessary to decrypt the media. Furthermore, no intermediate entity needs similar access, so the encryption provided by the media key stays in place throughout the transmission of the media from the media device to the receiving entity.

In some implementations, the media key is generated at the media device. Alternatively, the media device may receive the media key from an external source (e.g., the service provider). The media key may be, for example, randomly generated.

Optionally, the domain key is associated with a domain that defines one or more media devices within the network. Thus, the domain key may be common to more than one media device. A given media device may be added to or removed from a domain over time, allowing access to media from that media device to be controlled through the process of authenticating the receiving entity. The receiving entity may be authenticated prior to the step of determining whether the receiving entity has access to media from media devices within the domain associated with the domain key.

The media device may receive the domain key from the service provider in a form encrypted using one or more media device identifiers. In this way, the service provider can ensure the security of the transmission of the domain key to the media device.

The encrypted media token may include metadata associated with the domain key. In this case, the protected media key is encapsulated in the encrypted media token together with the metadata. For example, the metadata may identify the domain with which the domain key is associated, or may allow the domain key to be identified in some other manner. This can help the service provider locate the domain key to be used to decrypt the encrypted media token.

In some implementations, the media device sends the encrypted media token to the receiving entity, and the service provider receives the encrypted media token from the receiving entity. For example, the encrypted media token may be sent to the receiving entity along with the media itself. In other examples, the encrypted media token may be sent to the receiving entity in an out-of-band communication (e.g., separately from the media). The encrypted media token may be sent directly from the media device to the receiving entity, or may be sent via one or more intermediary entities.

The service provider may receive the encrypted media token in a form encrypted using one or more receiving device identifiers. Alternatively or additionally, the service provider may provide the media key to the receiving entity in a form encrypted using one or more receiving device identifiers. This approach can help protect the communication between the receiving entity and the service provider.

One or both of the media key and the domain key may be changed periodically. In this way, security can be improved. Changing the media key or the domain key may result in regeneration of the encrypted media token. For example, the media stream may include data packets, and each data packet may be encrypted using the media key prior to transmission from the media device. If the media key is changed, e.g., after a predetermined length of time or after a predetermined number of packets, subsequent packets of the same media stream are encrypted using the updated media key.

The media may include audio and/or visual content. The visual content may include video or one or more still images. The media may also include metadata. Such metadata may include, for example, alert indications designed to alert the user. The media may be streaming media. The media may be generated by the media device in real time. The media device may include a camera. For example, the media device may be a surveillance camera such as a mobile surveillance camera. For example, the media device may be a drone, a robot, or a wearable camera. The media device may be, but is not limited to, any other device capable of processing or generating media.

In some aspects of the present disclosure, there is provided a computer-readable medium comprising computer-executable instructions for performing the method of the above-described aspects. Furthermore, other aspects of the present disclosure provide a system configured to perform these methods.

In some aspects of the present disclosure, a system is provided for protecting media content in a network including a media device and a service provider. The media device is configured to: receive a domain key from the service provider; encrypt media with a media key; and encrypt the media key with the domain key to form an encrypted media token. The service provider is configured to: receive the encrypted media token and one or more receiving entity identifiers associated with a receiving entity; determine whether the receiving entity has access to media from the media device; and, if the receiving entity has access to the media from the media device, decrypt the encrypted media token using the domain key to obtain the media key and provide the media key to the receiving entity. Optional features of the method can also be applied to the system. The system may also include the receiving entity. The receiving entity may be configured to decrypt the media using the media key received from the service provider.

Some specific embodiments will now be described by way of illustration with reference to the accompanying drawings.

Referring to Figure 1, a system is shown comprising a camera device 11, one or more intermediary devices 20 and a receiving entity 30. The camera device is a media device that can generate media to be received by the receiving entity 30. The media generated by the camera 11 may be sent to the receiving entity 30 via one or more intermediate entities 20.

The camera device 11 may be part of any fixed or mobile surveillance system, such as a drone, robot or wearable device. In general, it can be any device capable of processing or generating media content. The intermediate entity 20 may be any network element capable of passing network traffic, while the receiving entity 30 may be any suitable device for playback or processing of media. The receiving entity 30 may be located in a surveillance control room or any other desired location, and may be fixed or portable. The receiving entity 30 may be, for example, a network-enabled end-user device such as a laptop computer, personal computer, tablet computer, smartphone, or the like.

Also shown as part of the system of Figure 1 is a license provisioning service 40. This acts as a service provider and can communicate with a policy manager 50. Also shown is a secret provisioning service 60, which may optionally be provided to communicate with the camera device 11 and the receiving entity 30.

The license provisioning service 40, the policy manager 50 and the secret provisioning service 60 may together act as the service provider. Each of them can be implemented as a cloud-based service, or can be implemented on a defined physical device such as a server.

Generally, each element shown in Figure 1 may be implemented on one or more computing devices, further details of which are set forth below with reference to Figure 4.

The operation of the system of Figure 1 can be understood with reference to Figures 2 and 3. Figure 2 illustrates the system of Figure 1 with additional reference numerals identifying communications within or between system elements that are associated with the processing steps described below. The numbers in Figure 2 correspond to the paragraph numbers "1" to "10" below. Figure 3 is a flowchart that further explains certain process steps and shows them in one possible order.

1 - At step s31, the camera 11 is configured with device-unique secrets. There are one or more identifiers associated with the camera 11. These secrets can be software-based or hardware-based. They can be pre-provisioned at the time of manufacture or over the air, as shown by option 1d of the secret provisioning service 60 in Figure 2.

2 - The camera is associated with a domain. This domain may link or associate the camera with the area it covers. At step s32, a domain key may be generated for the domain by the license provisioning service 40. At step s34, which may occur during the installation of the camera 11, the unique domain key is provided over the air from the license provisioning service 40. The domain key is protected during transmission to the camera 11 using the available device-unique secrets. When a camera is installed in a new area, or an existing area is divided into new domains, a new unique domain key is provided to the camera.

3 - At step s35, the camera 11 may generate a media key, which is used at step s36 to encrypt the media generated by the camera. At step s37, the media key is protected with the unique domain key, and an encrypted media token is generated. The encrypted media token includes the protected media key and additional metadata. Any relevant information may be recorded in the metadata, such as information identifying the domain associated with the camera 11. Since the media is encrypted within the camera 11, it is protected when it leaves the camera 11 to be sent elsewhere. For example, at step s38, the media encrypted with the media key is sent to the receiving entity 30. As shown in Figure 2, the sending may take place via one or more intermediary entities 20. The encrypted media token is also sent to the receiving entity 30, at step s39. Depending on the streaming format, the encrypted media token can be embedded in the protected camera media content or sent over an out-of-band channel.

4 - At step s33, the receiving entity 30 may be configured with entity-unique secrets. These entity-unique secrets serve as one or more identifiers associated with the receiving entity. The secrets can be software-based or hardware-based. They can be pre-provisioned at the time of manufacture or over the air, as shown by option 1d of the secret provisioning service 60 in Figure 1.

5 - After step s39 above, the receiving entity has received the encrypted media token from the camera 11. If necessary, the receiving entity may extract the token from the media stream. In some alternatives, the receiving entity obtains the token from an out-of-band channel. Then, at step s40, the receiving entity 30 provides the encrypted media token to the license provisioning service 40. The encrypted media token is provided in the form of a cryptographic challenge protected with the entity-unique secrets. This cryptographic challenge is used to authenticate the receiving entity 30.

6 - The license provisioning service 40 verifies the cryptographic challenge from step 5 above, which authenticates the receiving entity 30, and extracts the encrypted media token. The license provisioning service 40 identifies the domain from the metadata encapsulated in the encrypted media token. The license provisioning service 40 can then confirm whether the receiving entity is authorized to access the media from the camera 11. If the receiving entity 30 is authorized by the policy manager 50 to access the domain, then at step s41 the license provisioning service 40 uses the domain key to extract the media key from the encrypted media token. The license provisioning service 40 then generates an encrypted entity token that encapsulates the media key together with the relevant usage rules. The encrypted entity token is protected using the entity-unique secrets known to the receiving entity 30, rather than the domain key, which is unknown to the receiving entity 30, and is provided back to the receiving entity 30 at step s42.

7 - The receiving entity 30 then verifies the encrypted entity token received from the license provisioning service 40. Then, at step s43, the receiving entity 30 can extract the media key and can therefore decrypt the protected camera media content in accordance with the relevant usage rules. The resulting unprotected camera media content may be accessed and/or processed by the receiving entity.

8 - As an option, and to improve the protection of the camera media content, the media key can be changed periodically. For example, the media stream may include data packets, with each data packet encrypted using the media key before being sent from the camera 11. If the media key is changed, e.g., after a predetermined length of time or after a predetermined number of packets, subsequent packets of the same media stream are encrypted using the updated media key. In this case, the encrypted media token must be regenerated for each media key change and sent to the receiving entity 30 again. This approach can help secure the communication between the receiving entity and the service provider by requiring the receiving entity to be re-authenticated using the regenerated encrypted media token, even if the receiving entity was initially authorized to decrypt the media stream.

9 - Similarly, and for the same reason, the domain key can be changed periodically. In this case, a new media key and a new encrypted media token must be generated for each domain key change and sent to the receiving entity 30 again.

10 - Since the proposed camera media content protection scheme preserves the properties of the content format, any intermediate entity that is not authorized to access the unprotected camera media content can still record the protected camera media content without privacy concerns. The recorded camera media content can be copied anywhere without privacy concerns; the camera media content remains protected, and accessing it requires authentication of the entity that needs to access or process the camera media content and verification by the license providing service 40, as described in 5, 6 and 7.

This process can uniquely protect content from the camera 11 or other media devices, and it protects the media regardless of the number of devices, such as intermediate devices 20, involved in the processing chain.
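The token flow of steps 6 to 8, as an added example that is not part of the patent text: a camera wraps each media key under the domain key, the license service checks policy before it touches the domain key, and the receiver unwraps an entity token with its own secret. The HMAC-SHA256 `seal`/`unseal` pair is a standard-library stand-in for an authenticated cipher, and the class names, token layout, `"view"` usage rule and entity names are assumptions; the entity authentication of step 5 is taken as already done.

```python
import hashlib, hmac, json, os

def _prf(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()

def _stream(key, nonce, n):
    blocks = (n + 31) // 32
    return b"".join(_prf(key, b"enc", nonce + i.to_bytes(4, "big")) for i in range(blocks))

def seal(key, plaintext, aad=b""):
    # Encrypt-then-MAC built from HMAC-SHA256 (stand-in for an AEAD such as AES-GCM).
    nonce = os.urandom(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    tag = _prf(key, b"mac", len(aad).to_bytes(4, "big") + aad + nonce + ct)
    return nonce + ct + tag

def unseal(key, blob, aad=b""):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = _prf(key, b"mac", len(aad).to_bytes(4, "big") + aad + nonce + ct)
    if not hmac.compare_digest(tag, want):
        raise ValueError("authentication failed")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))

class Camera:
    """Media device: encrypts packets and emits one encrypted media token per media key."""
    def __init__(self, domain_id, domain_key, rotate_after):
        self.domain_id, self.domain_key = domain_id, domain_key
        self.rotate_after, self.sent, self.tokens = rotate_after, 0, []

    def send(self, payload):
        if self.sent % self.rotate_after == 0:       # step 8: change the media key
            self.media_key = os.urandom(32)
            wrapped = seal(self.domain_key, self.media_key, aad=self.domain_id.encode())
            self.tokens.append({"domain": self.domain_id, "wrapped": wrapped})
        self.sent += 1
        return {"token_index": len(self.tokens) - 1, "data": seal(self.media_key, payload)}

class LicenseService:
    """Step 6: policy check first, then re-wrap the media key for the entity."""
    def __init__(self, domain_keys, entity_secrets, policy):
        self.domain_keys, self.entity_secrets, self.policy = domain_keys, entity_secrets, policy

    def entity_token(self, entity_id, media_token):
        domain = media_token["domain"]               # metadata carried in the token
        if domain not in self.policy.get(entity_id, set()):
            raise PermissionError(f"{entity_id} may not access domain {domain}")
        media_key = unseal(self.domain_keys[domain], media_token["wrapped"], aad=domain.encode())
        body = json.dumps({"media_key": media_key.hex(),
                           "rules": {"domain": domain, "use": "view"}}).encode()
        return seal(self.entity_secrets[entity_id], body, aad=entity_id.encode())

def receive(entity_id, entity_secret, service, tokens, packets):
    """Step 7: obtain an entity token per media key, then decrypt the packets."""
    keys, clear = {}, []
    for pkt in packets:
        idx = pkt["token_index"]
        if idx not in keys:                          # new media key: ask the service again
            tok = service.entity_token(entity_id, tokens[idx])
            body = json.loads(unseal(entity_secret, tok, aad=entity_id.encode()))
            keys[idx] = bytes.fromhex(body["media_key"])
        clear.append(unseal(keys[idx], pkt["data"]))
    return clear

def demo():
    # Constructed sample data: one domain, one authorized and one unauthorized entity.
    domain_key = os.urandom(32)
    secrets = {"vms-1": os.urandom(32), "kiosk-9": os.urandom(32)}
    service = LicenseService({"lobby": domain_key}, secrets, {"vms-1": {"lobby"}})
    cam = Camera("lobby", domain_key, rotate_after=3)
    frames = [f"frame-{i}".encode() for i in range(7)]
    packets = [cam.send(f) for f in frames]
    ok = receive("vms-1", secrets["vms-1"], service, cam.tokens, packets) == frames
    try:
        receive("kiosk-9", secrets["kiosk-9"], service, cam.tokens, packets)
        denied = False
    except PermissionError:
        denied = True
    return ok, denied, len(cam.tokens)

if __name__ == "__main__":
    print(demo())
```

Seven packets with a rotation every three packets produce three encrypted media tokens, so the authorized receiver goes back to the license service three times, which is the re-authorization point step 8 describes.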

FIG. 4 illustrates a block diagram of one embodiment of a computing device 300 within which a set of instructions may be executed to cause the computing device to perform any one or more of the methods discussed herein. The computing device 300 may be used for elements of the systems shown in FIGS. 1 and 2. In alternative implementations, the computing device may be connected (e.g., networked) to other machines in a local area network (LAN), an intranet, an extranet, or the Internet. The computing device may operate in the capacity of a server or a client machine in a client-server network environment, or as a peer machine in a peer-to-peer (or distributed) network environment. The computing device may be a personal computer (PC), a tablet computer, a set-top box (STB), a personal digital assistant (PDA), a cellular telephone, a network appliance, a server, a network router, switch or bridge, or any machine capable of executing a set of instructions (sequential or otherwise) that specify actions to be taken by that machine. Furthermore, although only a single computing device is shown, the term "computing device" should also be understood to include any collection of machines (e.g., computers) that individually or jointly execute a set (or multiple sets) of instructions to perform any one or more of the methods discussed herein.

The exemplary computing device 300 includes a processing device 302, a main memory 304 (e.g., read-only memory (ROM), flash memory, dynamic random access memory (DRAM) such as synchronous DRAM (SDRAM) or Rambus DRAM (RDRAM), etc.), a static memory 306 (e.g., flash memory, static random access memory (SRAM), etc.), and a secondary memory (e.g., a data storage device 318), which communicate with each other via a bus 330.

The processing device 302 represents one or more general-purpose processors, such as a microprocessor, a central processing unit, or the like. More specifically, the processing device 302 may be a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a processor implementing other instruction sets, or a processor implementing a combination of instruction sets. The processing device 302 may also be one or more special-purpose processing devices, such as an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA), a digital signal processor (DSP), a network processor, or the like. The processing device 302 is configured to execute the processing logic (instructions 322) for performing the operations and steps discussed herein.

The computing device 300 may also include a network interface device 308. The computing device 300 may also include a video display unit 310 (e.g., a liquid crystal display (LCD) or a cathode ray tube (CRT)), an alphanumeric input device 312 (e.g., a keyboard or touch screen), a cursor control device 314 (e.g., a mouse or touch screen), and an audio device 316 (e.g., a speaker).

The data storage device 318 may include one or more machine-readable storage media (or more specifically, one or more non-transitory computer-readable storage media) 328 on which are stored one or more sets of instructions 322 embodying any one or more of the methods or functions described herein. During execution of the instructions 322 by the computing device 300, the instructions 322 may also reside, completely or at least partially, within the main memory 304 and/or within the processing device 302, the main memory 304 and the processing device 302 also constituting computer-readable storage media.

The various methods described above can be implemented by a computer program. The computer program may comprise computer code arranged to instruct a computer to perform the functions of one or more of the various methods described above. The computer program and/or the code for performing such methods may be provided to an apparatus, such as a computer, on one or more computer-readable media or, more generally, a computer program product. The computer-readable media may be transitory or non-transitory. The one or more computer-readable media may be, for example, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, or a propagation medium for data transmission, for example for downloading the code over the Internet. Alternatively, the one or more computer-readable media may take the form of one or more physical computer-readable media, such as semiconductor or solid-state memory, magnetic tape, a removable computer diskette, random access memory (RAM), read-only memory (ROM), a rigid magnetic disk, and an optical disk such as a CD-ROM, CD-R/W or DVD.

In one embodiment, the modules, components, and other features described herein (e.g., with respect to the control unit 310 of FIG. 4) may be implemented as discrete components or integrated in the functionality of hardware components (e.g., ASICs, FPGAs, DSPs, or similar devices) as part of a personalization server.

A "hardware component" is a tangible (e.g., non-transitory) physical component (e.g., a set of one or more processors) capable of performing certain operations, and may be configured or arranged in a certain physical manner. A hardware component may include dedicated circuitry or logic that is permanently configured to perform certain operations. A hardware component may be or include a special-purpose processor, such as a field-programmable gate array (FPGA) or an ASIC. A hardware component may also include programmable logic or circuitry that is temporarily configured by software to perform certain operations.

Accordingly, the phrase "hardware component" should be understood to encompass a tangible entity that may be physically constructed, permanently configured (e.g., hardwired), or temporarily configured (e.g., programmed) to operate in a certain manner or to perform certain operations described herein.

In addition, the modules and components may be implemented as firmware or functional circuitry within hardware devices. Further, the modules and components may be implemented in any combination of hardware devices and software components, or only in software (e.g., code stored or otherwise embodied in a machine-readable medium or in a transmission medium).

Unless specifically stated otherwise, as is apparent from the following discussion, it should be understood that throughout the description, discussions using terms such as "receiving", "determining", "comparing", "enabling", "maintaining", "identifying", "replacing" or the like refer to the actions and processes of a computer system, or similar electronic computing device, that manipulates data represented as physical (electronic) quantities within the computer system's registers and memories and transforms it into other data similarly represented as physical quantities within the computer system's memories or registers or other such information storage, transmission or display devices.

It should be understood that the above description is intended to be illustrative, and not restrictive. Many other implementations will be apparent to those skilled in the art upon reading and understanding the above description. Although the present disclosure has been described with reference to specific exemplary implementations, it will be recognized that the disclosure is not limited to the implementations described, but can be practiced with modification and alteration within the spirit and scope of the appended claims. Accordingly, the specification and drawings are to be regarded in an illustrative sense rather than a restrictive sense. The scope of the disclosure should therefore be determined with reference to the appended claims, along with the full scope of equivalents to which such claims are entitled.

Claims (15)

1. A method for protecting media content in a network, the method comprising:
at a media device:
receiving a domain key from a service provider; and
encrypting media generated by the media device with a media key, and encrypting the media key with the domain key to form an encrypted media token;
the method further comprising, at the service provider:
receiving the encrypted media token and one or more receiving entity identifiers associated with a receiving entity;
determining whether the receiving entity is entitled to access media from the media device; and
if the receiving entity is entitled to access media from the media device, decrypting the encrypted media token using the domain key to obtain the media key and providing the media key to the receiving entity; and
if the receiving entity is not entitled to access media from the media device, not decrypting the encrypted media token using the domain key to obtain the media key;
wherein the media comprises data packets, each data packet being encrypted using the media key before transmission from the media device, and, if the media key is changed, after a predetermined number of data packets, subsequent data packets of the same media stream are encrypted using the changed media key.
2. The method of claim 1, further comprising generating the media key at the media device.
3. The method of claim 1 or 2, wherein the domain key is associated with a domain defining one or more media devices within the network.
4. The method of claim 3, wherein the step of authenticating the receiving entity comprises establishing that the receiving entity is authorized to access media from media devices within the domain associated with the domain key.
5. The method of claim 1, wherein the media device receives the domain key in a form encrypted using one or more media device identifiers.
6. The method of claim 1, wherein the encrypted media token includes metadata associated with the domain key.
7. The method of claim 1, wherein the media device sends the encrypted media token to the receiving entity, and wherein the service provider receives the encrypted media token from the receiving entity.
8. The method of claim 1, wherein the service provider receives the encrypted media token in a form encrypted using one or more receiving device identifiers.
9. The method of claim 1, wherein the service provider provides the media key to the receiving entity in a form encrypted using one or more receiving device identifiers.
10. The method of claim 1, wherein the media key is changed periodically.
11. The method of claim 1, wherein the domain key is changed periodically.
12. The method of claim 1, wherein the media comprises audio and/or visual content.
13. The method of claim 1, wherein the media device comprises a camera.
14. A computer-readable medium comprising computer-executable instructions for performing the method of any one of claims 1-13.
15. A system for protecting media content in a network comprising a media device and a service provider, wherein:
the media device is configured to:
receive a domain key from the service provider; and
encrypt media generated by the media device with a media key, and encrypt the media key with the domain key to form an encrypted media token;
and wherein the service provider is configured to:
receive the encrypted media token and one or more receiving entity identifiers associated with a receiving entity;
determine whether the receiving entity is entitled to access media from the media device; and
if the receiving entity is entitled to access media from the media device, decrypt the encrypted media token using the domain key to obtain the media key and provide the media key to the receiving entity; and
if the receiving entity is not entitled to access media from the media device, not decrypt the encrypted media token using the domain key to obtain the media key;
wherein the media comprises data packets, each data packet being encrypted using the media key before transmission from the media device, and, if the media key is changed, after a predetermined number of data packets, subsequent data packets of the same media stream are encrypted using the changed media key.
CN201880023503.7A 2017-04-04 2018-04-04 Protection of surveillance media Active CN110476432B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210707282.3A CN114944959B (en) 2017-04-04 2018-04-04 Surveillance Media Protection

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP17164869.4A EP3386202A1 (en) 2017-04-04 2017-04-04 Security of surveillance media
EP17164869.4 2017-04-04
PCT/EP2018/058628 WO2018185174A1 (en) 2017-04-04 2018-04-04 Security of surveillance media

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202210707282.3A Division CN114944959B (en) 2017-04-04 2018-04-04 Surveillance Media Protection

Publications (2)

Publication Number Publication Date
CN110476432A CN110476432A (en) 2019-11-19
CN110476432B true CN110476432B (en) 2022-07-08

Family

ID=58544724

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201880023503.7A Active CN110476432B (en) 2017-04-04 2018-04-04 Protection of surveillance media
CN202210707282.3A Active CN114944959B (en) 2017-04-04 2018-04-04 Surveillance Media Protection

Family Applications After (1)

Application Number Title Priority Date Filing Date
CN202210707282.3A Active CN114944959B (en) 2017-04-04 2018-04-04 Surveillance Media Protection

Country Status (6)

Country Link
US (3) US11714883B2 (en)
EP (2) EP3386202A1 (en)
CN (2) CN110476432B (en)
BR (1) BR112019020149A2 (en)
ES (1) ES2982303T3 (en)
WO (1) WO2018185174A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114282175A (en) * 2021-12-23 2022-04-05 黄策 Distributed data encryption and decryption method
US20240305448A1 (en) * 2023-03-10 2024-09-12 Verkada Inc. Method and apparatus for improved video information security against unauthorized access

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7508941B1 (en) * 2003-07-22 2009-03-24 Cisco Technology, Inc. Methods and apparatus for use in surveillance systems
CN101938462A (en) * 2009-06-30 2011-01-05 安讯士有限公司 Be used to limit the method for the visit of the media data that video camera is produced
US8826036B1 (en) * 2009-10-29 2014-09-02 Amazon Technologies, Inc. Ebook encryption using variable keys
CN106464950A (en) * 2014-04-11 2017-02-22 电视广播有限公司 Method of delivering and securing media content

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7421411B2 (en) 2001-07-06 2008-09-02 Nokia Corporation Digital rights management in a mobile communications environment
US20060005257A1 (en) * 2004-07-01 2006-01-05 Nakahara Tohru Encrypted contents recording medium and apparatus and method for reproducing encrypted contents
US8769279B2 (en) 2006-10-17 2014-07-01 Verifone, Inc. System and method for variable length encryption
US8230466B2 (en) * 2006-11-16 2012-07-24 At&T Intellectual Property I, L.P. Home automation system and method including remote media access
US8539543B2 (en) * 2007-04-12 2013-09-17 Microsoft Corporation Managing digital rights for multiple assets in an envelope
EP2708007B1 (en) * 2011-05-13 2016-11-02 Telefonaktiebolaget LM Ericsson (publ) Methods, server and proxy agent for dynamically setting up a session between a target resource in a private network and an application on a device
JP5678804B2 (en) * 2011-05-27 2015-03-04 ソニー株式会社 Information processing apparatus, information processing method, and program
US8997254B2 (en) * 2012-09-28 2015-03-31 Sonic Ip, Inc. Systems and methods for fast startup streaming of encrypted multimedia content
US20150235011A1 (en) * 2014-02-19 2015-08-20 Adobe Systems Incorporated Drm protected video streaming on game console with secret-less application
US11853402B2 (en) * 2014-09-19 2023-12-26 Comcast Cable Communications, Llc Video resolution enforcement and optimization in an adaptive bitrate environment
CN106130958B (en) * 2016-06-08 2019-02-01 美的集团股份有限公司 The communication system and method for household appliance and terminal, household appliance, terminal


Also Published As

Publication number Publication date
US20230401292A1 (en) 2023-12-14
EP3607751A1 (en) 2020-02-12
US20250226972A1 (en) 2025-07-10
WO2018185174A1 (en) 2018-10-11
EP3607751C0 (en) 2024-02-28
ES2982303T3 (en) 2024-10-15
EP3386202A1 (en) 2018-10-10
BR112019020149A2 (en) 2020-04-22
EP3607751B1 (en) 2024-02-28
CN114944959A (en) 2022-08-26
CN110476432A (en) 2019-11-19
US12261942B2 (en) 2025-03-25
US11714883B2 (en) 2023-08-01
US20200050738A1 (en) 2020-02-13
CN114944959B (en) 2024-07-02

Similar Documents

Publication Publication Date Title
US9813247B2 (en) Authenticator device facilitating file security
US10187389B2 (en) Technologies for supporting multiple digital rights management protocols on a client device
US9479333B2 (en) Method of managing sensitive data in mobile terminal and escrow server for performing same
US20250226972A1 (en) Security of surveillance media
WO2006135504A2 (en) Method and apparatus for transferring protected content between digital rights management systems
US8538890B2 (en) Encrypting a unique cryptographic entity
CN103475664A (en) Credible extraction method for digital evidence of Android
CN116233158A (en) A data storage method, device, equipment and storage medium
CN105187426B (en) For realizing the method and system of cross-domain access based on authentication information
US12212659B2 (en) Private key cloud storage
CN101281579B (en) The method and apparatus of the digital content in protection USB mass storage device
KR101790948B1 (en) Apparatus and method for providing drm service, apparatus and method for playing contents using drm service
US20230376574A1 (en) Information processing device and method, and information processing system
KR101473656B1 (en) Method and apparatus for security of mobile data
CN110008654A (en) Electronic document treating method and apparatus
WO2018121394A1 (en) Mobile terminal, alarm information acquisition and sending method and device
JP2022510392A (en) Secure transmission of data in a data stream
TW201314491A (en) Information storing device, information processing device, information processing system, information processing method, and program
CN115438352A (en) Data processing method, device, equipment and storage medium
TWM520661U (en) Remote monitoring system
HK1228537A1 (en) Method and system for data desensitization
HK1228537A (en) Method and system for data desensitization

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant